Bitcoin: inside the encrypted, peer-to-peer digital currency

Bitcoin—a pseudonymous cryptographic currency designed by an enigmatic, freedom-loving hacker, and currently used by the geek underground to buy and sell everything from servers to cellphone jammers. No, this isn't a cyberpunk artifact from Snow Crash or Neuromancer; it's a real currency currently valued several times higher than the US dollar, the British pound, and the Euro.

Bitcoin is a virtual currency, designed to allow people to buy and sell without centralized control by banks or governments, and it allows for pseudonymous transactions which aren't tied to a real identity. In keeping with the hacker ethos, Bitcoin has no need to trust any central authority; every aspect of the currency is confirmed and secured through the use of strong cryptography.

Over the last few months, Bitcoin's value has risen by an order of magnitude as the sagas of Wikileaks and Anonymous (among others) have highlighted the limits of a financial system which relies on centralized intermediaries. With a current estimated market capitalization of about $100 million, Bitcoin has recently graduated from a theoretical techno-anarchic project patronized by libertarians and hackers to a full-fledged currency prompting comment from technologists and economists. At the time of this writing, one Bitcoin (BTC) is worth about US$15.

So how does Bitcoin work? Is it really secure? And is it here to stay—or just another digital currency fad? Glad you asked.

Complexities of cryptographic currencies

The problem with purely digital currencies is that of double-spending. Economists in the audience will note that digital products like a movie or a text file are non-rivalrous. If you have a copy of my pseudo-trip-rock band's new MP3 album, there's still just as much MP3 to go around for everyone else who wants one. That's not a problem for files, but it is a problem with currency, since the whole point is that there's a limited supply. If you use a dollar at the grocery store today, you can't go out and spend that same dollar at a bar tomorrow.

The usual solution to the double-spending problem is a trusted intermediary. PayPal makes sure that you can't spend the same dollars twice by deducting them from your account before they get added to someone else's account. Visa, MasterCard, and every other bank and payment processor do the same. However, this centralized approach is the one that enigmatic creator Satoshi Nakamoto specifically tried to avoid in the original Bitcoin design. The idea was to use cryptography to create verifiable transaction records without the need to trust anyone but your own calculations.

The Bitcoin solution uses cryptography and an open transaction register. Whenever you spend a Bitcoin, you cryptographically sign a statement saying that you have transferred the coin to a new owner and you identify the new owner by their public crypto key. Whenever they need to spend the coin, the new owner uses his private key to sign it over to some further owner. As soon as a transaction takes place, the recipient (who has a very strong incentive to ensure that you don't spend the coin twice) publishes the transaction to the global Bitcoin network. Now every Bitcoin user has incontrovertible evidence that the coin has been spent, and users won't accept that coin from anyone but the new owner.

Mining and make-work

As a digital currency, Bitcoin suffers from a tangibility problem. Unlike other currencies traded online, you can't go to a bank and withdraw physical coins, so what are they? More importantly, where do they come from? Coins are essentially agreements between all the Bitcoin nodes to accept a particular coin as currency. They are created gradually according to a precise protocol in order to reward those who contribute and maintain the network, control the rate of creation of the currency, and maintain the integrity of the transaction list.

In a process known as mining, individual Bitcoin users attempt to generate new coins by checking the integrity of the transactions list. They confirm the previous transactions and attempt to solve a difficult proof-of-work problem which involves exhaustively trying different solutions. There are a very large number of such potential solutions, so the likelihood of finding the solution depends on how many other people are looking for it and how much computing power you devote to the problem. The first client to find the solution announces its good fortune to the whole network and earns a little reward for itself in the form of some shiny new Bitcoins.

By finding the newest solution to the proof-of-work problem, a Bitcoin client confirms the history of previous transactions and moves the transaction register forward, allowing new debits and credits to form part of the next block that can be mined to earn more coins. Future coins can't be mined in advance, because the computation to find the new block (and hence create new Bitcoins) relies on the chain of previous blocks and the history of transactions since the most recent block.
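The mining and double-spending rules described above can be seen in a toy model. This is an added example, not code from the article or from the Bitcoin project: the JSON block layout, the `DIFFICULTY` constant, the coin identifiers and the party names are all assumptions made for illustration, and signature checks on each transfer are left out.

```python
import hashlib
import json

# Toy difficulty (assumption): a block hash must start with this many zero hex
# digits. Real Bitcoin compares a double SHA-256 header hash to a numeric target.
DIFFICULTY = 4
GENESIS_PREV = "0" * 64


def block_hash(prev_hash, transactions, nonce):
    """The hash covers the previous block's hash, so work cannot be done ahead of time."""
    payload = json.dumps([prev_hash, transactions, nonce], sort_keys=True)
    return hashlib.sha256(payload.encode()).hexdigest()


def mine(prev_hash, transactions):
    """Exhaustively try nonces until the block hash meets the difficulty target."""
    nonce = 0
    while True:
        digest = block_hash(prev_hash, transactions, nonce)
        if digest.startswith("0" * DIFFICULTY):
            return {"prev": prev_hash, "txs": transactions,
                    "nonce": nonce, "hash": digest}
        nonce += 1


def filter_double_spends(chain, candidate_txs):
    """Keep only the first spend of each coin that is not already spent on the chain."""
    spent = {tx["coin"] for block in chain for tx in block["txs"]}
    accepted = []
    for tx in candidate_txs:
        if tx["coin"] not in spent:
            spent.add(tx["coin"])
            accepted.append(tx)
    return accepted


def verify_chain(chain):
    """Return the index of the first invalid block, or -1 if every block checks out."""
    prev = GENESIS_PREV
    for i, block in enumerate(chain):
        recomputed = block_hash(block["prev"], block["txs"], block["nonce"])
        if (block["prev"] != prev or recomputed != block["hash"]
                or not recomputed.startswith("0" * DIFFICULTY)):
            return i
        prev = block["hash"]
    return -1


def build_demo_chain():
    """Mine two blocks from constructed sample transactions."""
    batches = [
        [{"coin": "c1", "from": "alice", "to": "bob"}],
        [{"coin": "c1", "from": "alice", "to": "carol"},  # second spend of c1
         {"coin": "c2", "from": "dave", "to": "erin"}],
    ]
    chain, prev = [], GENESIS_PREV
    for batch in batches:
        block = mine(prev, filter_double_spends(chain, batch))
        chain.append(block)
        prev = block["hash"]
    return chain


if __name__ == "__main__":
    demo = build_demo_chain()
    print("valid chain:", verify_chain(demo) == -1)
    print("block 1 spends:", [tx["coin"] for tx in demo[1]["txs"]])
    demo[0]["txs"][0]["to"] = "mallory"  # rewrite history in block 0
    print("first invalid block after tampering:", verify_chain(demo))
```

Editing an old block changes its hash, which breaks the link stored in every later block, so rewriting history means redoing the proof-of-work for that block and all blocks after it.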

The number of new coins generated per block gradually decreases over time. It started out at 50 BTC, but will dwindle to zero sometime in future when all 21 million coins have been generated. Fortunately, coins can be divided down to the eighth decimal place, which may prove increasingly useful if their value grows.
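The reward schedule can be worked through in the currency's smallest unit. This is an added example, not code from the article: the 210,000-block halving interval and the integer right-shift are protocol details the article does not state, and the function names are chosen here for illustration.

```python
# Base units per bitcoin: eight decimal places, as described in the article.
COIN = 100_000_000
INITIAL_SUBSIDY = 50 * COIN
# Blocks between reward halvings (protocol parameter, not stated in the article).
HALVING_INTERVAL = 210_000


def block_subsidy(height):
    """New coins, in base units, created by the block at this height.

    The reward halves by integer right-shift, so fractions of a base unit
    are discarded rather than rounded.
    """
    return INITIAL_SUBSIDY >> (height // HALVING_INTERVAL)


def total_supply():
    """Sum the reward over every era until it shifts down to zero.

    Returns (total base units ever created, number of eras with a reward).
    """
    total = 0
    era = 0
    while (INITIAL_SUBSIDY >> era) > 0:
        total += HALVING_INTERVAL * (INITIAL_SUBSIDY >> era)
        era += 1
    return total, era


def format_btc(units):
    """Render base units as a decimal BTC amount without floating-point error."""
    return f"{units // COIN}.{units % COIN:08d}"


if __name__ == "__main__":
    supply, eras = total_supply()
    print("reward at height 0:      ", format_btc(block_subsidy(0)))
    print("reward at height 210000: ", format_btc(block_subsidy(HALVING_INTERVAL)))
    print("eras with a reward:      ", eras)
    print("total ever created (BTC):", format_btc(supply))
    print("shortfall from 21M (BTC):", format_btc(21_000_000 * COIN - supply))
```

Because each halving truncates to a whole base unit, the total lands slightly below 21 million rather than exactly on it.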

A Bitcoin explainer

What's a few coins between friends?

One of the difficulties with a novel currency like Bitcoin is adoption and valuation. The same was true when the greenback paper dollar was first introduced, and it's a real problem with any means of exchange. After all, a currency is little more than something useless but rare which everyone agrees to trade for useful things, whether apples or assault rifles. National currencies have the advantage that governments demand them in taxes and require them to be accepted, which provides both a particular market and a high rate of adoption.

So, why would anyone exchange their hard-won dollars for Bitcoins, or accept Bitcoins in exchange for real products like a carton of milk or a subway ride? As a currency, Bitcoin has a number of desirable features which are not found together in any other currency. Cash has features like anonymity and eminent portability, but also comes with the downside that you have to physically move it from place to place to use it. Credit cards and other trust-based electronic currencies can be used instantly over any distance, but you have to attach your real identity to the purchase.

An anonymous Bitcoin transaction

Bitcoins combine the advantages of the two methods. Using Bitcoins, I can buy a racy t-shirt from Tibet and computer time from China without either merchant knowing who I am, or my bank knowing what I bought. This is useful not just for those purchasing questionable items (the downside of anonymous currency flows), but also for those who don't want merchants, banks, or card companies to be able to build up detailed profiles of their life, likes, and habits.

Since they're useful, some people want to use Bitcoins. Since some people want to use them, merchants have an incentive to accept them in order to attract the business of those customers.

This simplified economic model is not uncontested. Ars tech policy contributor Tim Lee has publicly criticized Bitcoin's economic model, both from the point of view of external market forces and over the internal incentive structures inherent to the protocol. Tech and economic policy commentator Jerry Brito provides a counterpoint, emphasizing Bitcoin's decentralization, which makes it very hard to control, but concedes that it is very hard to distinguish between a currency bubble and currency value.

Bitcoin's anonymity has already attracted Congressional attention. Sen. Chuck Schumer (D-NY) this weekend blasted Silk Road, an online drugs outlet that allegedly relies on TOR to obfuscate Internet traffic and Bitcoins for payment. "It's an online form of money laundering used to disguise the source of money, and to disguise who's both selling and buying the drug," Schumer said.

"At the time of this writing, one Bitcoin (BTC) is worth about US$15."

when was this? as of last night it was over $20 due to all the morons jumping on this because they think it's the "next big thing" (nevermind that the value is hugely unstable and no one is actually using this for anything except drugs and money laundering)

They are going to have problems, with only 21 million bitcoins, even with 168 million 1/8 bitcoins. How do you buy a stick of gum when 1/8 bit coin is worth 2 dollars?

No, not 1/8 coins, down to the 8th decimal place. So 2.1x10^14 units. The value of the smallest unit will exceed one cent when the currency value exceeds 2.1 trillion dollars. At that point just invent a "New Bitcoin" with an exchange rate to the old.

If trust is based on a peer to peer network that publishes transactions, then what stops a bad person from simultaneously spending a specific bitcoin at multiple different places?

Say a website in China, and one in Germany both accept bitcoin. From the US I write a program to simultaneously spend my bitcoin at both places. How could the peer to peer network possibly publish the updated transaction fast enough to both sides of the planet before I run off with the goods from both sites?

The transaction doesn't complete until the transaction with timestamp propagates to all users, after which, only the first transaction counts.

gotung wrote:

If trust is based on a peer to peer network that publishes transactions, then what stops a bad person from simultaneously spending a specific bitcoin at multiple different places?

Say a website in China, and one in Germany both accept bitcoin. From the US I write a program to simultaneously spend my bitcoin at both places. How could the peer to peer network possibly publish the updated transaction fast enough to both sides of the planet before I run off with the goods from both sites?

I'm curious about this too. I had hoped this article would answer precisely these, and similar, questions, but it was very brief and uninformative. Could Ars maybe do a big feature on Bitcoin someday soon? It's an interesting subject.

EDIT: Just read Putrid Polecat's explanation. See, that should have been in the article.

" <removed for brevity>Chuck, quit behaving like a douche. While I'm not sold on Bitcoin, I'm even less sold on a government that thinks it has a right to know everything about my business.

I've seen other arguments both for and against the idea of Bitcoin, but I believe your point above is going to be the kicker. The government in no way will allow for anonymous transactions that it can't monitor. Whether their excuses are legitimate or not, and trust me I foresee a furious amount of BS about to be unleashed, governments will try to quash this.

If trust is based on a peer to peer network that publishes transactions, then what stops a bad person from simultaneously spending a specific bitcoin at multiple different places?

Say a website in China, and one in Germany both accept bitcoin. From the US I write a program to simultaneously spend my bitcoin at both places. How could the peer to peer network possibly publish the updated transaction fast enough to both sides of the planet before I run off with the goods from both sites?

From what I have read of the network you don't actually get your money right away. It takes other nodes confirming a transaction for the money to have been spent. On their site it says a transaction could take 10 minutes or more, I have had a transaction take an hour. Bitcoin.org describes how the network works as well.

"It's an online form of money laundering used to disguise the source of money, and to disguise who's both selling and buying the drug," Schumer said.

Chuck, quit behaving like a douche. While I'm not sold on Bitcoin, I'm even less sold on a government that thinks it has a right to know everything about my business.

The "Gumment" doesn't know everything about your business. At most, your bank does. What we have to ensure is that there are strict measures to prevent your bank from "losing" your info, or from spilling the beans without a proper warrant. I honestly prefer to have the Government be able to track down financial transactions after providing reasonable cause if that means being able to catch tax evasion, trafficking, money laundering and the like.

+Griz wrote:

"At the time of this writing, one Bitcoin (BTC) is worth about US$15."

when was this? as of last night it was over $20 due to all the morons jumping on this because they think it's the "next big thing" (nevermind that the value is hugely unstable and no one is actually using this for anything except drugs and money laundering)

This makes me very suspicious of Bitcoin for general use. Sure, centralized systems may have their flaws - we saw a pretty big one just recently with the global financial crisis sparked by junk products that the banks overvalued. But if there isn't any supervision, how do you prevent bubbles? How do you secure peoples' savings? It looks more like a highly-specialized financial product (which in regulated markets are available only to institutional investors) than hard currency.

I read an article in the past on another site...forget where and the specifics, but it mentioned how bitcoin will eventually fail because it's not an inflationary currency - there's no downside to just hoarding what you have. For the dollar and other currencies, just sticking your money into a box will actually lose you money, but since bitcoin is maintained at a certain quantity, hoarding them like that increases their value (less supply, higher demand - all that fun stuff), which doesn't exactly work.

Is that explanation true, or merely incomplete? What kind of incentives are there to 'invest' your coins instead of just holding on to them to increase their value?

While the transfer of bitcoins may be theoretically difficult to trace, the ancillary communications remain as traceable as ever. I may be able to transfer the payment but I need to tell someone that I have in fact paid. Furthermore, in order to complete transactions you really NEED to be able to demonstrate that you've made a payment and the recipient received it. How do you get refunds? A totally untraceable currency system seems like a crappy system for day-to-day use. And do you really want to transfer money to people involved in trafficking people and drugs and just hope they decide to honor their side of an agreement?

When I was in high school our class went on a week-long "field trip" of over a thousand miles and on the first day one of the girls in my class was short-changed by a shopkeeper, losing most of her spending money for the trip. This led me to obsessing about accountable transaction systems... In the end it all comes down to trust. If you don't trust the entity you're doing business with to a pretty considerable extent then no mathematical system is going to fix the problem.

So, it seems to me (and I don't pretend to understand the minute details) that bitcoins are a very elaborate, fragile, poorly conceived (~2.1 trillion dollars... who designs something this futuristic and yet intrinsically obsolete?) non-solution to a non-problem.

"Using Bitcoins, I can buy a racy t-shirt from Tibet and computer time from China without either merchant knowing who I am, or my bank knowing what I bought."

Only to the extent that they still need a mailing address to send the t-shirt to.

Am I the only one reminded of Flooz? I have a hard time thinking that this will be widely adopted.

"As soon as a transaction takes place, the recipient (who has a very strong incentive to ensure that you don't spend the coin twice) publishes the transaction to the global Bitcoin network. Now every Bitcoin user has incontrovertible evidence that the coin has been spent, and users won't accept that coin from anyone but the new owner."

The biggest thing that worries me alone is the screenshot of an "anonymous" transaction. My interpretation is that the coin would have the history of it (as is necessary for the cryptography) and thus the entire chain could in theory be followed, especially if each transaction has to be published to all of the peers. Is there a unique ID associated with each individual? It seems like there would have to be.

<edit for brevity>The "Gumment" doesn't know everything about your business. At most, your bank does. What we have to ensure is that there are strict measures to prevent your bank from "losing" your info, or from spilling the beans without a proper warrant. I honestly prefer to have the Government be able to track down financial transactions after providing reasonable cause if that means being able to catch tax evasion, trafficking, money laundering and the like.<edit for brevity>

I might have 'knee jerked' a bit on a prior post agreeing with jnk1000, but with the Patriot act and all, I'm wary as to how much information is being collected by the government. It's hard to argue that the government has not been monitoring its citizens more and more through 'terrorism' rhetoric and decreased privacy standards lately.

This is just getting off the ground. Who's to say that in 20 years it may become more legit/recognizable. Or it may just be another fad that the media globs onto, people jump in with both feet then in a year it's never heard from again except to the small percentage that used it in the first place.

That sounds cynical, but we'll have to wait and see what happens. Whatever happens, it's certainly interesting to read about.

I read an article in the past on another site...forget where and the specifics, but it mentioned how bitcoin will eventually fail because it's not an inflationary currency - there's no downside to just hoarding what you have. For the dollar and other currencies, just sticking your money into a box will actually lose you money, but since bitcoin is maintained at a certain quantity, hoarding them like that increases their value (less supply, higher demand - all that fun stuff), which doesn't exactly work.

Is that explanation true, or merely incomplete? What kind of incentives are there to 'invest' your coins instead of just holding on to them to increase their value?

I consider Bitcoins to be a glorified money laundering system. It may not have started off that way, but it's what it has become.

Buy BC from an exchange site run by organized crime, use them on the Silk Road where the coins go back to the criminal ring and the exchange sites. Rings that have dedicated mining farms.

There are legitimate uses, but the primary benefit of the coin is in the black market.

I also consider BC to be a bubble. It'll drop off real soon or people will start to hoard BC as they are designed to go up in value. That or the people with BC hoards will sell them and the value will drop quickly (the values already wildly fluctuate)

I read an article in the past on another site...forget where and the specifics, but it mentioned how bitcoin will eventually fail because it's not an inflationary currency - there's no downside to just hoarding what you have. For the dollar and other currencies, just sticking your money into a box will actually lose you money, but since bitcoin is maintained at a certain quantity, hoarding them like that increases their value (less supply, higher demand - all that fun stuff), which doesn't exactly work.

Is that explanation true, or merely incomplete? What kind of incentives are there to 'invest' your coins instead of just holding on to them to increase their value?

It's a valid concern. The biggest problem facing this sort of currency is stability. It's amusing that the article mentions the comparison to the introduction of greenbacks, but then effectively glosses over it. A non inflationary currency is going to be subject to massive value fluctuations. Take this example:

A financially well off group collaborates to hoard bitcoins. By acquiring this non-inflationary currency, they're able to effectively take it out of the money supply. Since the value of the currency is closely linked to the quantity of currency available, the reduction in availability drives up the value of individual bitcoins. As the bitcoins increase in value, deflation takes effect. Ignoring the generally harmful economic effects of deflation for a moment, deflation encourages everyone to save their money, rather than spend it. This causes deflation to accelerate. Eventually, the original investors decide to collect their winnings, and quickly exchange their currency for real goods. The bitcoins they've been hoarding have appreciated to far greater than their original value, and the sudden influx in currency exchanging hands causes immediate and massive inflation.

That's just a single, quick possible scenario. Inflationary currencies are used for a lot more than just deficit finance. That said, it appears that bitcoins technically are inflationary. The issue is that they're inflationary in a very different manner than we've really seen before. It would take a lot more study to see how this system would behave under real conditions.

BitCoin would, for all intents and purposes, be the first currency not backed by a nation-state (and typically including a central bank and an operating military).

Doesn't gold fill that function already?

Bitcoin is an interesting idea, and the fact that most of the criticisms are bald appeals to the status quo makes me think there might be something to it.

Gold, cigarettes, silver. There's been plenty of non-nation state backed currencies. I think he was trying to say it's the first fiat currency not backed by a nation-state, but I'm not sure if that's accurate either.

The biggest thing that worries me alone is the screenshot of an "anonymous" transaction. My interpretation is that the coin would have the history of it (as is necessary for the cryptography) and thus the entire chain could in theory be followed, especially if each transaction has to be published to all of the peers. Is there a unique ID associated with each individual? It seems like there would have to be.

You can generate a new public key* for each transaction if you like, and there apparently is no external way to show that bitcoins to me using key AA and key BB tie back to one individual. So whilst each transaction is public, an aggregate isn't necessarily useful.

I stumbled across this a few weeks ago, read a little, got my free 0.2 bitcoins from 'the faucet' for shits n giggles and mined overnight without success. Haven't used it since - I can't really see a way for me to earn them, and darned if I'm going to spend 'real' cash on any.

*I don't know if that's the proper terminology, but you definitely can click-to-generate a new longish random looking hex number that you tell someone else to 'pay to'.

"The problem with purely digital currencies..." I find this sentence problematic. All currencies are digital at the moment, only a small fraction is printed and who is to say that someday BC won't be printed, and why not?

Couldn't help noticing that the still for the video says "no fees" but the transaction log graphic says "This transaction includes 0.02000000 BTC as fee"

Would probably become clear if I read/watched more, but I think I'll stick with being tracked by my credit card provider for now...

It can be free; the transaction fee is optionally set by you. Of course, if you offer a zero fee, your transaction won't be 'high priority' as the screenshotted one is and you may have to wait a little longer for someone to do the computation necessary to verify that your transaction did in fact take place. Although I do wonder if there's any sort of cap on the maximum waiting time. I think it's supposed to be a way to incentivize some folks to keep burning CPU cycles for the sake of the whole system even after all 51 million coins have been mined.

With the diminishing return principle, the ones who mined them first, hoard a large chunk of the whole. If BitCoin does become a serious thing, they can make a pretty huge benefice for a very small investment.

That's a huge incentive for them to promote the currency, but for me I can't help thinking it looks similar to a Ponzi Scheme...

While the transfer of bitcoins may be theoretically difficult to trace, the ancillary communications remain as traceable as ever. I may be able to transfer the payment but I need to tell someone that I have in fact paid. Furthermore, in order to complete transactions you really NEED to be able to demonstrate that you've made a payment and the recipient received it.

This happens. In fact, you tell everyone that you've made the payment.

Quote:

How do you get refunds?

You don't.

Quote:

So, it seems to me (and I don't pretend to understand the minute details) that bitcoins are a very elaborate, fragile, poorly conceived (~2.1 trillion dollars... who designs something this futuristic and yet intrinsically obsolete?) non-solution to a non-problem.

It's not designed around the dollar. It will be possible to subdivide the final number of bitcoins into 2.1 quadrillion (2.1E15) pieces. As to "non-solution to a non-problem"... it's certainly not without flaws and I'm not buying any, but the problem it tries to solve is very real: a centralized "trusted intermediary" is vulnerable to manipulation by outside forces.